b61b3bc58412d14feb9e0d8da67f9403c7a14df262a721429e908017e7992a15_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b61b3bc58412d14feb9e0d8da67f9403c7a14df262a721429e908017e7992a15_NeikiAnalytics.exe
Size

6KB
MD5

4f81176f23b5db0ccf6e5912d5221a70
SHA1

8a7e76950fdfb063fcb25bf8c2fdb21824f626a2
SHA256

b61b3bc58412d14feb9e0d8da67f9403c7a14df262a721429e908017e7992a15
SHA512

30a373522598044e06e951e5ceedde366c6f83c2c13e40a28c39e658937a96a1ec9ba39f3865f5f3a9bd878adb625f9abea5b07a5ba6513aecb5a1ef866096ec
SSDEEP

96:5z6LzW/D/MVSXvTE/iuoZoJ0ufov7h1pwlBzI04DrkA:xezW/QkLPuo+JW6zIl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b61b3bc58412d14feb9e0d8da67f9403c7a14df262a721429e908017e7992a15_NeikiAnalytics.exe

Files

b61b3bc58412d14feb9e0d8da67f9403c7a14df262a721429e908017e7992a15_NeikiAnalytics.exe
.sys windows:4 windows x86 arch:x86

a774d066c727347595054ce367cfb384

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ZwClose
ZwSetValueKey
wcslen
RtlInitUnicodeString
ZwOpenKey
ExFreePoolWithTag
RtlQueryRegistryValues
RtlAppendUnicodeStringToString
ZwEnumerateKey
ZwQueryKey
memset
RtlCopyUnicodeString
ExAllocatePoolWithTag
IoCreateFile
ZwWriteFile
memcpy
ZwQueryValueKey
ZwSetInformationFile
wcsncat
ZwCreateKey

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 882B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 530B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ